Hackers put up for sale 13 million plaintext passwords stolen from 000webhost

Status
Not open for further replies.

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
000webhost, a popular free web hosting service, has suffered a data breach that resulted in the compromise of the name, email address and plaintext password of some 13 million of its customers.

The compromise was publicly disclosed on Wednesday by Troy Hunt, a Microsoft MVP for Developer Security and the creator and administrator of the Have I been pwned? service, where users can check whether their personal data has been leaked somewhere on the web.

He initially got the information about the breach from an anonymous tipster, who pointed him towards the database containing the compromised info.

He immediately started to analyze it, trying to discover whether the information in the database is legitimate. After having had many problems in trying to get in touch with someone at 000webhost who could help him, he made a public plea on Twitter, asking 000webhost users for help.

A few got in touch and confirmed that their email address and password are among the ones in the database.

After news about the possible breach started circulating, another tipster got in touch saying that "The database is selling for upwards of $2,000 right now, I can't understand which moron would be considering giving you a copy for free when people can make some serious money from this database."


Full article. Hackers put up for sale 13 million plaintext passwords stolen from 000webhost
 
L

LabZero

I remember when, in 2012, LinkedIn had 6.5 million of passwords theft because of a serious error: the passwords were encrypted but without adding to them a random bits sequence to make difficult decrypted if stolen (salting).
 
  • Like
Reactions: frogboy
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top